CVE-2009-2863

Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
ciscoios
12.0xk:xk
ciscoios
12.0xr:xr
ciscoios
12.1
ciscoios
12.1e:e
ciscoios
12.1ex:ex
ciscoios
12.1t:t
ciscoios
12.1xc:xc
ciscoios
12.1xh:xh
ciscoios
12.1xi:xi
ciscoios
12.1xj:xj
ciscoios
12.1xm:xm
ciscoios
12.1xp:xp
ciscoios
12.1xr:xr
ciscoios
12.1yb:yb
ciscoios
12.1yd:yd
ciscoios
12.1yf:yf
ciscoios
12.1yi:yi
ciscoios
12.2
ciscoios
12.2b:b
ciscoios
12.2bw:bw
ciscoios
12.2cz:cz
ciscoios
12.2dd:dd
ciscoios
12.2ex:ex
ciscoios
12.2ey:ey
ciscoios
12.2fz:fz
ciscoios
12.2ira:ira
ciscoios
12.2irb:irb
ciscoios
12.2irc:irc
ciscoios
12.2ixa:ixa
ciscoios
12.2ixb:ixb
ciscoios
12.2ixc:ixc
ciscoios
12.2ixd:ixd
ciscoios
12.2ixe:ixe
ciscoios
12.2ixf:ixf
ciscoios
12.2ixg:ixg
ciscoios
12.2s:s
ciscoios
12.2sbc:sbc
ciscoios
12.2se:se
ciscoios
12.2sec:sec
ciscoios
12.2sed:sed
ciscoios
12.2see:see
ciscoios
12.2sef:sef
ciscoios
12.2seg:seg
ciscoios
12.2sg:sg
ciscoios
12.2sga:sga
ciscoios
12.2sq:sq
ciscoios
12.2sra:sra
ciscoios
12.2srb:srb
ciscoios
12.2src:src
ciscoios
12.2su:su
ciscoios
12.2sx:sx
ciscoios
12.2sxa:sxa
ciscoios
12.2sxb:sxb
ciscoios
12.2sxd:sxd
ciscoios
12.2sxe:sxe
ciscoios
12.2sxf:sxf
ciscoios
12.2sxh:sxh
ciscoios
12.2sxi:sxi
ciscoios
12.2t:t
ciscoios
12.2tpc:tpc
ciscoios
12.2xa:xa
ciscoios
12.2xb:xb
ciscoios
12.2xd:xd
ciscoios
12.2xe:xe
ciscoios
12.2xg:xg
ciscoios
12.2xj:xj
ciscoios
12.2xk:xk
ciscoios
12.2xl:xl
ciscoios
12.2xm:xm
ciscoios
12.2xo:xo
ciscoios
12.2xq:xq
ciscoios
12.2xt:xt
ciscoios
12.2xv:xv
ciscoios
12.2xw:xw
ciscoios
12.2ya:ya
ciscoios
12.2yb:yb
ciscoios
12.2yc:yc
ciscoios
12.2ye:ye
ciscoios
12.2yf:yf
ciscoios
12.2yh:yh
ciscoios
12.2yl:yl
ciscoios
12.2ym:ym
ciscoios
12.2yn:yn
ciscoios
12.2yq:yq
ciscoios
12.2yu:yu
ciscoios
12.2yv:yv
ciscoios
12.2yx:yx
ciscoios
12.2yz:yz
ciscoios
12.2zd:zd
ciscoios
12.2zh:zh
ciscoios
12.2zj:zj
ciscoios
12.2zl:zl
ciscoios
12.2zy:zy
ciscoios
12.2zya:zya
ciscoios
12.3
ciscoios
12.3b:b
ciscoios
12.3jk:jk
ciscoios
12.3t:t
ciscoios
12.3tpc:tpc
ciscoios
12.3va:va
ciscoios
12.3xa:xa
ciscoios
12.3xc:xc
ciscoios
12.3xd:xd
ciscoios
12.3xe:xe
ciscoios
12.3xf:xf
ciscoios
12.3xg:xg
ciscoios
12.3xk:xk
ciscoios
12.3xl:xl
ciscoios
12.3xq:xq
ciscoios
12.3xr:xr
ciscoios
12.3xx:xx
ciscoios
12.3ya:ya
ciscoios
12.3yd:yd
ciscoios
12.3yg:yg
ciscoios
12.3yh:yh
ciscoios
12.3yi:yi
ciscoios
12.3yk:yk
ciscoios
12.3ym:ym
ciscoios
12.3yt:yt
ciscoios
12.3yz:yz
ciscoios
12.4
ciscoios
12.4mr:mr
ciscoios
12.4t:t
ciscoios
12.4xa:xa
ciscoios
12.4xd:xd
ciscoios
12.4xe:xe
ciscoios
12.4xf:xf
ciscoios
12.4xj:xj
ciscoios
12.4xk:xk
ciscoios
12.4xt:xt
ciscoios
12.4xv:xv
ciscoios
12.4xw:xw
ciscoios
12.4xy:xy
ciscoios
12.4xz:xz
ciscoios
12.4ya:ya
ciscoios
12.4yb:yb
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/58340
http://tools.cisco.com/security/center/viewAlert.x?alertId=18882
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8132.shtml
http://www.securityfocus.com/bid/36491
http://www.securitytracker.com/id?1022935
https://exchange.xforce.ibmcloud.com/vulnerabilities/53453
http://osvdb.org/58340
http://tools.cisco.com/security/center/viewAlert.x?alertId=18882
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8132.shtml
http://www.securityfocus.com/bid/36491
http://www.securitytracker.com/id?1022935
https://exchange.xforce.ibmcloud.com/vulnerabilities/53453